漏洞 Vulnerability IBM Cloud Application Business Insights 修复多个漏洞 https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-apache-log4j-impact-ibm-cloud-application-business-insights-cve-2021-45105-cve-2021-45046/ SolrWinds 修复 Web Help Desk 服务中的漏洞 https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35243 安全事件 Security Incident 分析Andariel组织的TigerDownloader和TigerRAT https://threatray.com/blog/establishing-the-tigerrat-and-tigerdownloader-malware-families/ 使用COVID-19主题为诱饵针对海外公民的网络钓鱼活动 https://www.telsy.com/phishing-campaign-targeting-citizens-abroad-using-covid-19-theme-lures/ 2easy现在是被盗数据的重要暗网市场 https://www.bleepingcomputer.com/news/security/2easy-now-a-significant-dark-web-marketplace-for-stolen-data/ 800K WordPress站点仍然受到严重SEO插件缺陷的影响 https://www.bleepingcomputer.com/news/security/800k-wordpress-sites-still-impacted-by-critical-seo-plugin-flaw/ 新的漏洞使恶意软件攻击者绕过关键Microsoft MSHTML缺陷的修补程序 https://thehackernews.com/2021/12/new-exploit-lets-malware-attackers.html 加纳政府机构在数据库混乱中泄露了70万公民的数据 https://www.hackread.com/ghana-govt-agency-citizens-data-leak/